Security Awareness Program Specialist

Job Summary

The Security Awareness Program Specialist is responsible for developing, implementing, and maintaining a comprehensive security awareness program that reduces human risk and strengthens the organization’s security culture. This role focuses on educating employees on security policies, risks, and best practices through training, phishing simulations, and targeted communication campaigns. Working cross-functionally with IT, HR, Legal, and other teams, the specialist ensures that employees are empowered to make secure decisions and that the organization meets compliance and risk management objectives.

This position is ideal for an early- to mid-career security professional seeking to grow experience in security awareness, training, and security culture.

Remote Work Qualifications

• Access to a reliable and secure high-speed internet connection. Cable or fiber internet connections (at least 75mbps download/10mbps upload) are preferred, as satellite connections often cannot support the technologies used to perform day-to-day tasks.
• Access to a home router and modem.
• A dedicated home office space that is noise- and distraction-free. The space should have strong wireless connection or a wired Ethernet connection (wired connection is preferred, if possible).
• A valid, physical address (apartment, suite, etc.). PO Boxes are not supported, as a physical address is required for you to receive your computer equipment.
• The desire and ability to work and communicate with other team members via chat, webcam, etc.
• Legal residents of one of the following states: (AK, AL, AR, AZ, CT, DE, FL, GA, IA, ID, IN, KS, KY, LA, MD, ME, MI, MN, MO, MS, NC, ND, NH, NM, NV, OH, OK, PA, SC, SD, TN, TX, UT, VA, VT, WI, WV, and WY).

We only accept W-2 candidates, H-1B sponsorship is not available.

Responsibilities

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

• Program Development – Design, implement, and manage a security awareness program aligned with organizational policies, compliance requirements, and strategic goals.
• Training Delivery – Develop and deliver engaging security training content through e-learning, workshops, newsletters, and campaigns.
• Phishing Simulation Management – Plan and execute phishing simulations to measure awareness, track trends, and reduce susceptibility to social engineering.
• Engagement & Communication – Create communication strategies and campaigns to promote security awareness and foster a culture of accountability.
• Metrics & Reporting – Define and track key performance indicators (e.g., click rates, training completion), and prepare reports with recommendations for improvement.
• Collaboration – Partner with IT, HR, Legal, and other departments to integrate awareness initiatives into broader organizational processes and compliance efforts.
• Continuous Improvement – Stay current on evolving threats, industry best practices, and awareness frameworks, applying them to program enhancements.

Physical Requirements

• Work is performed while sitting/standing and interfacing with a personal computer.
• Requires the ability to communicate effectively using speech, vision, and hearing.
• Requires the regular use of hands for simple grasping and fine manipulations.
• Requires occasional bending, squatting, crawling, climbing, and reaching.
• Requires the ability to occasionally lift, carry, push, or pull medium weights, up to 50lbs.

Qualifications

Experience

• 1–3 years of experience in security awareness, information security, IT training, risk management, or a related role.
• Hands-on experience supporting or administering security awareness or training programs is preferred

Education

• This role does not require a degree. We value relevant skills and experience and alignment with our core values above all else.

Desired Traits & Skills

• Understanding of core security awareness topics (phishing, password hygiene, safe data handling, social engineering).
• Familiarity with frameworks such as NIST SP 800-50 and NIST Cybersecurity Framework.
• Experience with training/awareness platforms (KnowBe4, Proofpoint, Mimecast, etc.).
• Strong written and verbal communication skills; ability to craft clear, engaging messages for diverse audiences.
• Analytical skills for developing metrics, interpreting phishing simulation results, and reporting program effectiveness.
• Ability to balance multiple initiatives and collaborate across departments.
• Leadership skills appropriate to proficiency level, from assisting in program delivery to leading strategic awareness initiatives.
• Working knowledge of common productivity and communication tools, including PowerPoint, Word, Excel, Viva Engage, and Canva, for creating training materials, reports, and awareness communications.